Our managed security services protect your organization’s key information assets. Whether your business is an small medium business, or enterprise or a start-up company, we can help lower the internal costs associated with cloud-based information security management, monitoring and support for any type of organization.
Security Event Management
Security Event Management (SEM) focuses primarily on the tools, technologies and services that are needed by IT security operations to manage security devices and the security of IT infrastructure, applications and transactions. The value proposition for this technology is monitoring and correlating of security data from multiple devices and systems to enable better security assessment and support appropriate remedial action.
Our Managed Security Services (MSS) complete features are as follows:
Traffic and Bandwidth Monitoring
- Network Traffic Monitoring
Our MSS provides a unique way for monitoring the traffic of the network. Our MSS will measures network traffic based on the analysis of logs received from different network security appliances. Logs are collected, archived, and analyzed to get granular details about traffic across each security appliance. No need to deploy any hardware probes or collection agents to get these details on traffic.
- Network Bandwidth Monitoring
Our MSS also provides a unique way for measuring the bandwidth usage in the network. Bandwidth usage is measured based on the analysis of logs received from different security appliances. Logs are collected, archived, and analyzed to get granular details about bandwidth usage. Live reports provide real-time traffic monitoring details in the form of graph and table. We can get details of the incoming and outgoing traffic for the specific security appliances for specific time periods for ex: last 24 Hours, last 7 Days, last 30 Days, and last 1 Year. This live report can be drilled down into more granular details
Employee Internet Usage Monitoring
Our MSS monitors internet use or misuse by the employees in your organization by providing you the following insights:
- Internet sites accessed by the employees in your organization.
- Protocols used by them for communication.
- Working Hour and Non-Working Hour web usage details and trends.
- Firewall rules used by your employees and their usage pattern.
- Get notification on when an employee tries to access restricted sites, like streaming & chat sites
- Iidentify Internet abuse, and excessive internet usage.
- Get notified on anomalies like sudden spike in internet usage.
- Keep tabs of employee internet transactions that can cause attacks / virus in your environment.
- Compare current internet usage with your historical data to enable you to make firewall policy changes.
- Get live internet bandwidth graphs with finer details of inbound and outbound traffic flows.
Firewall Rules and URL Monitoring
- Firewall Rules Monitoring
Our MSS provides a value added feature of monitoring the firewall rules configured for the network. Our MSS fetches all the rules of the Firewalls and provides rule wise usage information. With the help of this, we will be able to analyze the usage and effectiveness of the Firewall rules and manage the Firewall rules for optimal usage.
- URL Monitoring
Our MSS provides top URLs visited as part of the Web Usage reports. Top URLs report provides the details of hits, percentage hits, bytes, and percentage bytes used for accessing the URLs from your enterprise network through each of your configured firewall.
- Threshold Based Alerts
Our MSS threshold based firewall alerts can be set up when there is a problem in the network and threshold has been violated. We can choose the exact criteria to trigger the alert, set the priority of the alert, and finally set up an email notification to immediately notify IT when the alert is triggered.
- Anomaly Based Firewall Alerts
Alerts can be set up for detecting abnormal traffic behaviors or anomalies. Anomaly alert reports can be used for Network Behavioral Analysis (NBA).You can set the filters to detect anomalies, choose the threshold criteria to trigger the anomaly alert, set the priority of the alert, and finally set up an email notification to immediately notify IT when the alert is triggered.
Firewall Alerts Administration
- Alerts Administration
The triggered alerts can be administered by us. We can assign owner to a particular alert, add or view note for a particular alert, view the history of the Alert from the time of trigger and you can also delete the Alert.
- Script execution on Alert Triggering
Alerts Profiles can be configured to send email notification to immediately notify, when the alert is triggered. Apart from this we can also perform customized actions on alert trigger. To achieve this, our MSS let us to configure the script to be executed.
Rich and Powerful Reporting Features
- Firewall Reports
Our MSS provides easy to understand executive dashboard view reporting for real time firewall traffic monitoring. The executive dashboard is automatically updated to show details of incoming and outgoing traffic for each firewall whose logs are analyzed.
- VPN Reports
VPN Reports give detailed statistics on VPN usage. Reports include drill down details on top VPN hosts, top protocols used by the VPN, and bandwidth used by the VPN during peak and off-peak hours. Trend reports show us VPN usage trends over time.
- Proxy Servers Reports
Proxy servers are typically used along with a firewall to secure internal networks from the outside using a proxy cache. Analysis of proxy logs gives deeper insight into internal network users and access patterns. Our MSS offers various reports on proxy servers such as top talker reports, website detail report, and usage summary reports.
- Network Security Reports
Our MSS includes instant reports on viruses, attacks and security breach in your network. With these reports it is easier for IT to do business risk assessment, detect problems and resolve them as soon as they are found.
- Ad hoc & Scheduling Reports
Our MSS enables us to convert the advanced search results into report profiles. The advanced search results can be based on aggregated log database or raw firewall logs. Our MSS reporting features lets us to create report profiles based on the advanced search results. This is an easy and convenient way of creating a report profile.
- Raw Logs Search Reporting
Our MSS also enables us to search the raw logs of Firewall to pinpoint the exact log entry which caused the security activity. The advanced search results based on raw firewall logs can be converted into report profiles. Archived logs can be imported and security incident mining can be carried out by searching the raw logs. This makes security incident mining easy, which is otherwise a task with huge manually effort.
- Custom Reporting
Our MSS reporting features also includes custom report profiles that let us create reports based on specific criteria. We can choose the sub-reports that you want to include in this report, the exact parameters to be reported on, and even the layout of the graph to be generated. It is indeed very powerful and flexible and at the same time it is very informative and professionally presented in an easy to understand manner.